+ All Categories
Home > Software > Making threat modeling so easy

Making threat modeling so easy

Date post: 22-Jan-2018
Category:

Software
Upload: dinis-cruz
View: 481 times
Download: 1 times
Download Report this document
Share this document with a friend
40
Transcript
Page 1: Making threat modeling so easy
Page 2: Making threat modeling so easy
Page 3: Making threat modeling so easy
Page 4: Making threat modeling so easy
Page 5: Making threat modeling so easy
Page 6: Making threat modeling so easy
Page 7: Making threat modeling so easy
Page 8: Making threat modeling so easy
Page 9: Making threat modeling so easy
Page 10: Making threat modeling so easy
Page 11: Making threat modeling so easy
Page 12: Making threat modeling so easy
Page 13: Making threat modeling so easy
Page 14: Making threat modeling so easy
Page 15: Making threat modeling so easy
Page 16: Making threat modeling so easy
Page 17: Making threat modeling so easy
Page 18: Making threat modeling so easy

††Spoofing, Tampering, Repudiation, Information Disclosure,Denial of Service, Elevation of Priv

† Data Flow Diagrams

Page 19: Making threat modeling so easy
Page 20: Making threat modeling so easy
Page 21: Making threat modeling so easy
Page 22: Making threat modeling so easy
Page 23: Making threat modeling so easy
Page 24: Making threat modeling so easy
Page 25: Making threat modeling so easy
Page 26: Making threat modeling so easy
Page 27: Making threat modeling so easy
Page 28: Making threat modeling so easy
Page 29: Making threat modeling so easy

http://caniuse.com/#search=hsts

https://developer.mozilla.org/en-US/docs/web/Security/HTTP_strict_transport_security

http://caniuse.com/#search=hsts
https://developer.mozilla.org/en-US/docs/web/Security/HTTP_strict_transport_security
Page 30: Making threat modeling so easy

https://www.nartac.com/Products/IISCrypto/Default.aspx

https://www.nartac.com/Products/IISCrypto/Default.aspx
Page 31: Making threat modeling so easy
Page 32: Making threat modeling so easy

http://www.microsoft.com/security/data/

Page 33: Making threat modeling so easy
Page 34: Making threat modeling so easy
Page 35: Making threat modeling so easy
Page 36: Making threat modeling so easy

S

STRIDE

STRIDE

TI TI

TI

TI

TI

TI

TI

TI

Page 37: Making threat modeling so easy

S

STRIDE

STRIDE

TI TI

TI

TI

TI

TI

TI

TI

THIS IS YOUR

THREAT MODEL!

Page 38: Making threat modeling so easy
Page 39: Making threat modeling so easy
Page 40: Making threat modeling so easy

Recommended
Lecture 7: Threat Modeling

Lecture 7: Threat Modeling

Documents

DNS Threat Modeling - OWASP · Threat Modeling Using STRIDE By: Girindro Pringgo Digdo, ... Threat Modeling Diagram Identify Threats Identify Threats Mitigate Validate STRIDE Trike

DNS Threat Modeling - OWASP · Threat Modeling Using STRIDE By: Girindro Pringgo Digdo, ... Threat Modeling Diagram Identify Threats Identify Threats Mitigate Validate STRIDE Trike

Documents

Threat Modeling (Part 3)

Threat Modeling (Part 3)

Self Improvement

Using the Threat Agent Library to improve threat modeling

Using the Threat Agent Library to improve threat modeling

Technology

Threat Modeling for Secure - Application Security Testing ... · Threat Modeling for Secure Embedded Software | |Klocwork White Paper 2 Threat Modeling – A Brief Overview_____ Threat

Threat Modeling for Secure - Application Security Testing ... · Threat Modeling for Secure Embedded Software | |Klocwork White Paper 2 Threat Modeling – A Brief Overview_____ Threat

Documents

Threat Modeling (Part 5)

Threat Modeling (Part 5)

Self Improvement

Threat Modeling with STRIDE - Concordia Universityusers.encs.concordia.ca/~clark/courses/1601-6150/scribe/L04c.pdf · Threat Modeling with STRIDE Slides adapted from Threat Modeling:

Threat Modeling with STRIDE - Concordia Universityusers.encs.concordia.ca/~clark/courses/1601-6150/scribe/L04c.pdf · Threat Modeling with STRIDE Slides adapted from Threat Modeling:

Documents

Threat Modeling - GBV

Threat Modeling - GBV

Documents

Tactical Threat Modeling - SAFECode · Tactical Threat Modeling

Tactical Threat Modeling - SAFECode · Tactical Threat Modeling

Documents

Reverse Threat Modeling

Reverse Threat Modeling

Documents

Threat Modeling - CrossCountry Consulting

Threat Modeling - CrossCountry Consulting

Documents

Threat Modeling And Analysis

Threat Modeling And Analysis

Technology

Threat Modeling - home.eng.iastate.edu

Threat Modeling - home.eng.iastate.edu

Documents

Cloud Threat Modeling

Cloud Threat Modeling

Documents

Organizational Threat Modeling - EnergySec

Organizational Threat Modeling - EnergySec

Documents

Threat Modeling / iPad

Threat Modeling / iPad

Technology

Threat Modeling (Part 2)

Threat Modeling (Part 2)

Self Improvement

Threat modeling guide - DW.COM

Threat modeling guide - DW.COM

Documents